http:
# Secrets are defined in the file secrets.yaml
cors_allowed_origins:
- https://192.168.1.111:7080
- https://reformedreality.com
- http://reformedreality.com
base_url: https://mydomain.duckdns.org
ssl_certificate: /ssl/fullchain.pem
ssl_key: /ssl/privkey.pem
# Uncomment this if you are using SSL/TLS, running in Docker container, etc.
Ok, let’s start there, you either have SSL in the Home Assistant configuration.yaml OR Nginx. Don’t have it in both. Comment out the SSL bits in Home Assistant configuration, validate config and then restart. By default Home Assistant should run on port 8123 with no SSL, the Nginx add on will then proxy all requests arriving at port 443 through to Home Assistant on port 8123.
Your http config however needs a few things added to be able to actually accept requests from Nginx:
I commented out the SSL info in the config but then I couldn’t access HA from WAN at all. I could only login on LAN via http://192.168.1.111:8123. I even had to add the “http” to get it to work
Have you verified that your router is actually setup to port forward connection requests coming to port 443 through to the Home Assistant local IP address on port 443?
Yes that is how my config works, I can access Home Assistant locally using port 8123 but via http, or I can access it via the full domain name (both internally and externally) using https on port 443 (which I don’t need to add to the URL)
Edit:
Please remember that you DO actually need this -
Without the trusted proxies, then Home Assistant will reject requests from Nginx. The address 172.30.33.0/24 is correct for Home Assistant supervised installs and the Home Assistant OS. But if you have installed Home Assistant in a different way, then the IP address might be different, so please ensure that the IP address you use is correct. The Home Assistant log will tell you the IP address of requests that were rejected because they weren’t listed as a trusted proxy.